[2.x] fix: disable auto_tls for None encryption, add SSL cert verification bypass#4445

imorland · 2026-03-14T22:09:34Z

Fixes #4439

Summary

Two bugs in the SMTP driver, both present since the Symfony Mailer migration:

Bug 1 — None encryption silently upgrades to STARTTLS. When "None" is selected, EsmtpTransport was opportunistically negotiating STARTTLS if the server advertised it. Fix: pass auto_tls=false in the DSN options so the connection stays plaintext as configured.
Bug 2 — No way to bypass SSL certificate verification. Administrators using internal mail servers with self-signed certificates had no way to proceed. Fix: new boolean admin setting "Verify SSL Certificate" (mail_smtp_verify_peer); when disabled, verify_peer=false is passed in the DSN options.

Changes

SmtpDriver: adds auto_tls=false for None encryption, verify_peer option, new mail_smtp_verify_peer setting
SmtpDriver: depends on TransportFactoryInterface instead of the final EsmtpTransportFactory (better design, enables unit testing)
MailServiceProvider: binds TransportFactoryInterface → EsmtpTransportFactory
MailPage.tsx: type detection now handles boolean → 'bool' (renders a toggle switch)
core.yml: adds mail_smtp_verify_peer_label and mail_smtp_verify_peer_help

Tests

SmtpDriverTest: 10 unit tests covering scheme selection, auto_tls, and verify_peer for all encryption modes
MailTest (integration): updated expected smtp fields to include mail_smtp_verify_peer
Also adds unit tests for all other built-in drivers that previously had none: NullDriverTest, SendmailDriverTest, LogDriverTest (including FlarumLogTransport behaviour), MailgunDriverTest (including validation rules)

Test plan

Configure SMTP with encryption = None, verify connection stays plaintext (no STARTTLS)
Configure SMTP with a self-signed cert server, disable "Verify SSL Certificate", verify mail sends
All new unit tests pass: ./vendor/bin/phpunit tests/unit/Mail/
Integration test passes: ./vendor/bin/phpunit tests/integration/extenders/MailTest.php

…ation bypass option Fixes two bugs in the SMTP driver (issue #4439): 1. When encryption is set to "None", Symfony's EsmtpTransport was silently negotiating STARTTLS if the server advertised it. Passing auto_tls=false to the DSN opts out of this behaviour so the connection stays plaintext as intended. 2. There was no way for administrators to disable SSL certificate verification, making the driver unusable with internal mail servers that use self-signed certificates. A new "Verify SSL Certificate" boolean toggle (mail_smtp_verify_peer) passes verify_peer=false when disabled. Also refactors SmtpDriver to depend on TransportFactoryInterface rather than the final EsmtpTransportFactory, and adds unit tests for all five built-in mail drivers. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

imorland and others added 2 commits March 14, 2026 22:08

Apply fixes from StyleCI

e6598cd

imorland requested a review from a team as a code owner March 14, 2026 22:09

imorland changed the title ~~fix(mail): disable auto_tls for None encryption, add SSL cert verification bypass~~ [2.x] fix: disable auto_tls for None encryption, add SSL cert verification bypass Mar 14, 2026

imorland added the type/bug label Mar 14, 2026

imorland added this to the 2.0.0-beta.8 milestone Mar 14, 2026

imorland merged commit ca151d0 into 2.x Mar 14, 2026
27 checks passed

imorland deleted the im/smtp-bugfix branch March 14, 2026 22:18

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[2.x] fix: disable auto_tls for None encryption, add SSL cert verification bypass#4445